3 matches found
CVE-2021-24841
The Helpful WordPress plugin before 4.4.59 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24841
The Helpful WordPress plugin before 4.4.59 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24841
The CVE-2021-24841 entry covers a vulnerability in the WordPress Helpful plugin for WordPress prior to 4.4.59. The issue is caused by insufficient sanitisation and escaping of certain plugin settings, enabling stored Cross-Site Scripting (XSS) by high-privilege users even when the unfiltered_html...